Revert ssl_asn1.c r1.50 - CBB and freezero(3) do not play nicely together.

Back this out while we investigate and implement a solution. Found the hard way by sthen@
author: jsing <> 2017-04-11 13:14:08 +0000
committer: jsing <> 2017-04-11 13:14:08 +0000
commit: cd55c3b0c4a69244140d116d0a9458ea69ab5bd1 (patch)
tree: 4582d80f6a35381be6c7b87894adde869f0d120b /src/lib/libssl/ssl_asn1.c
parent: 273d81da8e6c33e4fb69acef1e3b480bee8e339b (diff)
download: openbsd-cd55c3b0c4a69244140d116d0a9458ea69ab5bd1.tar.gz
openbsd-cd55c3b0c4a69244140d116d0a9458ea69ab5bd1.tar.bz2
openbsd-cd55c3b0c4a69244140d116d0a9458ea69ab5bd1.zip
1 files changed, 5 insertions, 2 deletions
diff --git a/src/lib/libssl/ssl_asn1.c b/src/lib/libssl/ssl_asn1.c
index 5110ca3cc8..aca34f8c3e 100644
--- a/src/lib/libssl/ssl_asn1.c
+++ b/src/lib/libssl/ssl_asn1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_asn1.c,v 1.50 2017/04/10 16:47:08 jsing Exp $ */
+/* $OpenBSD: ssl_asn1.c,v 1.51 2017/04/11 13:14:08 jsing Exp $ */
 /*
 * Copyright (c) 2016 Joel Sing <jsing@openbsd.org>
@@ -205,9 +205,12 @@ i2d_SSL_SESSION(SSL_SESSION *s, unsigned char **pp)
        rv = (int)data_len;
 err:
+        if (data != NULL)
+                explicit_bzero(data, data_len);
        CBB_cleanup(&session);
-        freezero(data, data_len);
        free(peer_cert_bytes);
+        free(data);
        return rv;
 }
author	jsing <>	2017-04-11 13:14:08 +0000
committer	jsing <>	2017-04-11 13:14:08 +0000
commit	cd55c3b0c4a69244140d116d0a9458ea69ab5bd1 (patch)
tree	4582d80f6a35381be6c7b87894adde869f0d120b /src/lib/libssl/ssl_asn1.c
parent	273d81da8e6c33e4fb69acef1e3b480bee8e339b (diff)
download	openbsd-cd55c3b0c4a69244140d116d0a9458ea69ab5bd1.tar.gz openbsd-cd55c3b0c4a69244140d116d0a9458ea69ab5bd1.tar.bz2 openbsd-cd55c3b0c4a69244140d116d0a9458ea69ab5bd1.zip